[Pkg-openssl-devel] Bug#736687: Bug#736687: libssl1.0.0: default cipher list contains insecure ciphers
Kurt Roeckx
kurt at roeckx.be
Sun Oct 30 21:40:42 UTC 2016
On Sun, Oct 30, 2016 at 11:35:23PM +0200, Adrian Bunk wrote:
> I am raising this to RC severity since 1.0.2 will likely still be
> shipped in stretch, and removing ciphers from the 1.0.2 defaults
> that were already removed from the 1.1.0 defaults should clearly
> be done for stretch.
I did plan on disabling 3DES and RC4 in 1.0.2 for stretch.
Kurt
More information about the Pkg-openssl-devel
mailing list